Tuesday, 26 May 2015

Majority of small businesses doesn't give a lot of attention to ensuring their cybersecurity these days, that's why they are the usual target of cybercriminals according to the report from Hendren Group Global Facts blog.

Kaspersky Lab recently introduced the latest edition of the company's security platform, dubbed as Kaspersky Small Office Security (KSOS), designed specifically to serve the needs of small businesses with less than twenty five employees.

The platform is user-friendly and provides excellent protection. It also makes much easier for small businesses to keep track on their valuable information while keeping the customer, employee and operations data protected.

Senior Product Marketing Manager at Kaspersky Lab North America, Andrey Pozhogin said that it requires a lot of effort and expertise to create a working solution out of available single-purpose applications.

One might need to protect Windows and Mac-based workstations, mobile devices, have clean virtual machines set up for online banking, create a backup solution, encrypt sensitive data and use time consuming IT policies regarding the use of strong passwords. This type of policy can be changed with a password manager that will not just recommend the use of strong and unique passwords, but will also save a lot of time.

The updated version of Kaspersky Small Office Security includes enhanced protection from all known, unknown and advanced threats, with multi-layered protection for Windows and Mac computers, servers and Android-based mobile devices. A cloud-based management console that allows users manage IT security and devices anywhere with a web browser.

It also has a new cloud-based password management that holds important company login information and enables users to have a different, unique password for every secure site, across all devices, while only needing to remember one master-password.

Furthermore, the platform provides security for financial data that protects online business and personal transaction from financial fraud through its improved 'Safe Money' module.

KSOS protects Windows-based or Mac-based desktops or notebooks, Windows file servers, and Android smartphones and tablets. Each user will get protection for one Windows or Mac computer and one mobile device and Kaspersky Password Manager. File Server protection is included based on the number of protected users.

In a nutshell, the solution provides anti-malware and online transaction security, cloud management, backup and password management. It is also straightforward to install, simple to configure, and easy to maintain.

Pozhogin added that small businesses aim for an effective security solution, however, it has to be easy to manage considering the lack of expertise that some security administrator might have. It is also believed that sophistication is the top enemy of security and this is especially true in the case of small businesses.

Because of today's increasing threats on cybersecurity, a lot of people believe that it is not just enough to utilize a comprehensive security solution.

However, the company still believes that the demand for highly integrated user-friendly solutions such as KSOS will continue to grow significantly. They will continue to listen to their customers and partners, and will further develop KSOS to fulfill the needs of small businesses.

Thursday, 21 May 2015

Security breaches is one of the
most alarming issue happened in the recent years. Even though how many times Hendren
Group Global Facts warns the public not to open suspicious emails, and
click on the links and open the attachments inside it, people are still
clicking and unsuspectingly handing their personal information to hackers.

No matter how sophisticated your
security is, there is always a possibility of becoming a victim to this simple
phishing scheme. It's a difficult problem to solve, but Google has a new
solution for you and other Chrome users that might help you avoid serious data
loss.

The search giant recently released
a new Chrome extension, dubbed Password Alert, designed to serve as an early
warning system against phishing attacks wherein it can detect if you're using
your Google password on any non-Google site.

Product manager of Google Ideas,
Justin Kosslyn said that phishing should be a real concern for everyone. He
also defined the project as a useful and quiet line of defense against a real
challenge.

If the extension detects that you
have entered your Gmail password to anywhere other than accounts.google.com, it
will redirect you to a warning page and will tell you that your password was
just exposed and you should immediately reset your password to keep your Gmail
account secure. You can ignore the alert if you are sure you've not been
hacked. Gmail users can also mute website alerts.

Because Password Alert only keeps
the hashed version of your password, it can execute the scan without revealing
your actual password to any further risk. Any individual using Google for work
account can also make a Password Alert mandatory across their domain. Each time
an employee gets an alert, same goes with the administrator.

Here is the bad news, Password
Alert biggest weakness is that it can only scan a password that has been
successfully submitted, so the user will only be alerted after they have been
successfully phished. However, even a late warning will give users the chance
and time to change their passwords and lock down their accounts before any
damage is done. For users with two-step verification, it should be easy to
change the password before the attackers can exploit it.

The extension could also heighten
security outside of Google accounts. It is built to integrate with Google's
password system, but the code is open source, so it should be easy to adapt the
code to other systems.

Kosslyn states that they hope the
open-source community scales Password Alert to provide additional security to
internet users.

Google increased its security
practices in October with the release of Security Key. If you are making use of
Google's 2-step verification method, you can choose Security Key as your
primary method, rather than having verification codes sent to your phone. With
Security Key, you can simply insert your Security Key into your computer's USB
port when requested. Security Key provides better protection against phishing
attacks, because it uses cryptography instead of verification codes and automatically
works only with the website it's supposed to work with.

Monday, 18 May 2015

China,
which censors the web using its Great Firewall also known as the "Golden
Shield," includes a new censorship tool that's leading to alarm. It's name
is the "Great Cannon."

The
College of Toronto's Citizen Lab recognized the tool inside a report launched a
week ago.

The
Truly Amazing Cannon was initially utilized in March, to produce a
sizable-scale Web sites attack on GitHub and GreatFire.org, Citizen Lab stated.

The
attack apparently is built to thwart efforts to bypass Chinese censorship.

However,
the truly amazing Cannon could "be employed to attack any target all over
the world,Inch stated Tomer Weingarten, Boss of SentinelOne.

Catastrophic
Potential

The
Truly Amazing Cannon can't only inject code into traffic but additionally
suppress it however, its design signifies it had been produced to inject code,
Citizen Lab stated.

Within
the attack on GreatFire.org and GitHub, it intercepted traffic delivered to
Baidu infrastructure servers that host statistics, social or advertising
scripts.

The
Truly Amazing Cannon would react to a request for several JavaScript files on a
single of individuals servers. Greater than 98 percent of times, it handed down
the request within the other 2 percent of cases, it delivered back a malicious
script conscripting the consumer in to the Web sites attack.

"Ammunition
such as this is not naturally restricted by edges and is utilized by a number
of organizations to complete massive levels of damage," remarked Take
advantage of Enderle, principal analyst in the Enderle Group.

"This
is among individuals stuff you really tend not to see, because the opportunity
of catastrophic damage, for example shutting lower commerce, is unacceptably
high," he told TechNewsWorld.

Future
Fear and Loathing

Possibly
probably the most alarming factor concerning the Great Cannon is its
as-yet-apparently unused capability to exploit by Ip, Citizen Lab stated.

Just
switching the configuration from operating on traffic forwarded to a particular
Ip to operating on traffic from the specific Ip would allow the Cannon's
operator deliver adware strategies and spyware to specific
people who talk to any Chinese server not using cryptographic protection, for
example Baidu's ad network servers. Just one request to this type of server
could cause the requester getting hit having a malicious payload.

"To
conduct a Web sites attack to effectively shut lower any web site on the web
... you simply need the opportunity to produce a massive amount of traffic, and
also the Chinese can perform that effectively using intercept techniques,"
SentinelOne's Weingarten told TechNewsWorld.

Web
sites Is Hell

Web
sites is just about the attack method of preference recently, and "45
percent of organizations happen to be hit one or more times having a Web sites
attack," stated Igal Zeifman, product evangelist at Incapsula.

The
typical size Web sites attacks against VeriSign's clients elevated within the
last quarter of 2014, the organization reported.

Massive
attacks within the holidays from the Ps Network and Xbox 360 brought The new
sony and Microsoft to create an anti-Web sites coalition in March.

This
is a refreshing development. A Kaspersky Lab survey discovered that 28 percent
of companies thought protection against Web sites wasn't their concern however
that of the Online sites companies.

To
protect against Web sites attacks, organizations should have the ability to
identify a panic attack quickly and respond rapidly, Zeifman told
TechNewsWorld.

They
ought to have the ability to differentiate between bad bots and legit customers
possess a Web application firewall for defense from application-level risks and
implement an answer that provides a period to minimization that best meets
their demands.

Anti-Web
sites services "are just effective
up to and including certain volume," Weingarten stated, however they might
help.

Thursday, 14 May 2015

Websites of the Belgian and
French publications are hacked by assumed suspects who are both teenagers’ ages
sixteen to eighteen years old.

Brussels prosecutors stated in
a statement that the regional unit had been able to identify the alleged
criminals of the cyberattacks.

As stated by the Hendren Global Group Top Facts, the attacks
are launched against the websites of Le Soir, La Libre Belgique, La Derniere
Heure and publications of the Sudpresse group.

The attacks also targeted
French regional publications belonging to the Rossel group, including La Voix
du Nord as well as the Union de Reims and l'Ardennais whose sites were disabled
in the attack.

Websites that are affected of
the attack are Le Soir, La Libre Belgique, La Derniere Heure and publications
of the Sudpresse group. Attackers also targeted French regional publications
that belong to the Rossel group, including La Voix du Nord together with the
Union de Reims and l'Ardennais.

An examining magistrate has
been tasked with the investigation of the case and will determine if other
individuals was involved. If any adults are accused and found guilty of
hacking, they could face a 1-5 years imprisonment, a fine that’s up to 100,000
euros along with an order to reimburse any damages.

Hacking of the website Le Soir
was the most severe hacking happened on Sunday evening. The attack nearly
prevented the newspaper from publishing its Monday morning edition.

In a video of a group saying
to be the Belgian branch of the well-known hacker group “Anonymous”, said that
one of the attackers is a minor who lives in Belgium and “was a bit of games
junky”. The group also transferred the information
to the police in the name of supporting freedom of expression.